SSO in Windows 11 Not Working

Use this Forum to post tips and techniques for using aXes. Please explain in detail. This Forum is managed by the aXes user community. LANSA cannot guarantee the accuracy of any information posted to this Forum.

Moderator: jeanmichel

Post Reply
Posts: 9
Joined: 15 Sep 2018, 05:26

SSO in Windows 11 Not Working

Post by » 09 Feb 2024, 01:44

The issue is Windows Defender Credential Guard, which blocks unconstrained Windows Integrated Kerberos authentication.

It is enabled by default on all systems running on Windows 11, version 22H2 and later.

There are 2 regkeys to be present to explicitly disable that component.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\LsaCfgFlags=0 (DWORD)
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard\LsaCfgFlags=0 (DWORD)

Also, just fyi:
Windows10 does not have nor need these regkeys to function, if they are added to the registration, it does not have a negative impact on functionality.
We tested Win10 with the registration keys and connectivity was still successful

Post Reply